668 matches found
CVE-2026-53015
A flaw was found in the Linux kernel's erofs filesystem. On 32-bit platforms, the lcn variable, used for logical cluster numbers, was defined as a 32-bit integer. This could lead to truncation when calculating offsets larger than 4 Gigabytes GiB, potentially causing incorrect data handling within...
CVE-2026-53272
In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...
EUVD-2026-39223
In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...
CVE-2026-53272
The CVE-2026-53272 entry concerns the EROFS filesystem in the Linux kernel. A use-after-free was fixed in sbi->sync_decompress: z_erofs_endio() queues z_erofs_decompressqueue_work(), then, after folios unlock, the unmount path can proceed and erofs_sb_free may kfree(sbi) before sbi->sync_de...
EUVD-2026-38883
In the Linux kernel, the following vulnerability has been resolved: erofs: unify lcn as u64 for 32-bit platforms As sashiko reported 1, lcn was typed as unsigned long or unsigned int sometimes, which is only 32 bits wide on 32-bit platforms, which causes lcn lclusterbits to be truncated at 4 GiB...
CVE-2026-53015
In the Linux kernel’s EROFS code, the lcn field was typed as unsigned long (or unsigned int), which is 32-bit on 32-bit platforms, causing (lcn <
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Avoid using multiple devices of different types. For multiple devices, both the primary and additional devices should be of the same type. erofsinitdevice already ensures that if the primary device is a file-backed device,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, this process can be interrupted by a SIGKILL signal, resulting in the number of bytes actually copied...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak when the block address of a non-inlined pcluster is zero. Syzkaller reported a memory leak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed Unreferenced object...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Stop parsing non-compact HEAD indexes if clusterofs is invalid Syzbot generated a crafted image with a non-compact HEAD index of clusterofs 33024. Valid numbers should be between 0 and lclustersize-1, which causes the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed the UAF issue for file-backed mounts with the directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereadIter+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: corrected incorrect kunmap when using LZMA on HIGHMEM platforms As shown in the call trace, the root cause is incorrect pages handled by kunmap: BUG: Kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed buffer copy overflow in the ztailpacking feature I received the following KASAN reports: 46.959378 ================================================================== 46.960430 BUG: KASAN: use-after-free in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Properly handling NONHEAD !delta1 lclusters. The syzbot tool reported a warning in iomapiterdone: iomapfiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctlfiemap fs/ioctl.c:220 inline Generally, NONHEAD lclusters will not have...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Wake up all waiters after zerofslzmahead is ready When the user mounts erofs a second time, the decompression thread may become hung. The issue occurs due to a sequence of steps like the following: 1 Task A calls...
Astra Linux – Vulnerability in Linux 5.15, Linux
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for pcluster use-after-free on UP platforms During stress testing with CONFIGSMP disabled, KASAN reports the following issue: ================================================================== BUG: KASAN: Use-after-fre...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: The issue of generating a order = MAXORDER warning due to an intentionally crafted negative isize has been fixed. As reported by syzbot 1, the root cause is that the isize field is a signed type, and a negative isize value...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed the issue where xasretry was missing in the fscache mode. The xarray iteration only holds the RCU read lock; therefore, an XARETRYENTRY may be encountered if a process modifies the xarray concurrently. This would lea...
RLSA-2026:25191 Critical: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: Linux kernel: Denial of Service in erofs filesystem CVE-2026-31467 kernel: can: raw: fix...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...